Last updated on March 26th, 2018 at 07:07 am
It’s not enough to just install an SSL certificate for your domain name in order to make your WordPress site load completely through HTTPS. Actually, some webmasters prefer having both HTTP and HTTPS versions of their website. But if you want to grant a completely secure connection for all your visitors, you should force HTTPS for all traffic through a mod_rewrite rule in .htaccess.
Force HTTPS for all web traffic
You will need to just add the following lines above every other existing code in your .htaccess file. The mod_rewrite rule will automatically rewrite the URLs for you:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www. yoursite.com/$1 [R,L]
Force HTTPS for a specific site / domain only
In order to secure the connection of a specific domain name on your hosting account, you’d need to add the following .htaccess rules in the root folder of the target site:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yoursite\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L]
When you use the code, please make sure that you replace the domain name used in the example code which in our case is ‘www.yoursite.com’ or just ‘yoursite’ with your actual domain name. The same is valid for websites that don’t use www in front of the domain name.
Force HTTPS for a specific folder only
Additionally, you can force HTTPS on a folder basis – just paste the following lines in the .htaccess file which is in the folder in question. What you need to do in this case is to just replace ‘folder’ with the real folder name:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.yoursite.com/folder/$1 [R,L]
How to create an .htaccess file manually
If your site doesn’t have an .htaccess file for some reason, you can create a new .htaccess file from your cPanel. Just click on cPanel -> File Manager and navigate to your site’s installation folder. Then just click on the New File button, type ‘.htaccess’ for name and click on Create New File. Then just right click on the newly created .htaccess file, select Code Edit and paste your preferred .htaccess rule for forcing HTTPS for the site:
In my example I used a GoDaddy hosting account but the steps for creating an .htaccess file should be identical for every hosting provider that uses cPanel.
